ReSharper 2.01 maintenance release available

JetBrains has released version 2.01 of the popular (and must have!!) ReSharper tool for Visual Studio.

You can find the release notes here:…

And you can find the download itself here:

(Note, this is actually build 259, so if you have already downloaded the EAP build, you're all set.)

I know quite a few of you have downloaded the 2.0 release version and have found the experience to be slow and at times buggy. This maintenance release has come a long way, so if you were intrigued by ReSharper before, you should do yourself a favor and check out this latest release!


Posted in ReSharper | Leave a comment

Using ReSharper as an essential part of your TDD toolkit

I have been a long time and fan and user of JetBrain's ReSharper add-in for Visual Studio .NET. At a high-level, ReSharper is a productivity and refactoring plug-in for Visual Studio, but that simple description belies the genius behind the product.

As a TDD advocate and practitioner, I have found ReSharper to be absolutely indispensable in writing tests, writing the implementation, getting the tests to pass, and then refactoring. The "Red -> Green -> Refactor" rhythm is essential to writing testable, robust, and correct code the first time. My experience with ReSharper 2.0 and NUnit has led me to a surprising productivity boost by shortening the feedback loop between constructing a test, implementing the minimal amount of no-fluff code to make it pass, and then refactoring the code as/if necessary.

Out of the box, ReSharper 2.0 offers unit testing support for NUnit test fixtures (future plans include MBUnit and possibly Team System fixtures). ReSharper brings enhanced IDE integration through a tool window that lists all of your tests in the familiar NUnit tree view:

But wait! There's more!

Inside your unit test fixtures, ReSharper adds some icons to the left of your code window to run either a particular test or all tests within the current fixture.

For example, it's easy to run all the unit tests in a particular fixture:

Or you can easily run tests at the individual method level:

From this context menu, at an individual test method level, you can run a unit test directly without navigating to the Unit Test Runner tool window. In addition, you can choose to run JetBrain's DotTrace code profiler against the particular test. (I won't bother to comment on the easy to access "Debug" option, as it may lead to Test Driven Debugging…).

From my experience, ReSharper has been a great boost to my personal productivity. The only downsides for me have been the slow loading times (due to parsing of all the projects and referenced assemblies in your solution) and some minor stability issues for some of the post-2.0 preview builds (build 257 seems relatively stable so far).

One of the most important things to consider when adopting a new tool or technique is how "friction-less" it fits into the way you develop your code. ReSharper has been great in this particular aspect, in addition to having some great(!) code generation features, such as the ability to generate new classes and methods as you write your unit tests:

Also helpful, too, is the ability to quickly navigate between code files spread out across many projects in larger solutions with CTRL-SHIFT-N:

And also the ability to quickly navigate to variable/method/class declarations with CTRL-Click (ReSharper highlights the current text under your mouse when you hold CTRL):

If you're a keyboard/shortcuts junkie, if TDD drives everything you do, and if you're looking for a way to take the drudgery out of writing code, you may be interested in giving ReSharper a spin.

You can download the "released" version from this URL

And you can download the latest EAP preview build (currently 257) from…

Finally, if you're interested learning more about Test Driven Development, Mock objects, and more, be sure to check out Jeremy's most excellent post Best of the Shade Tree Developer.

[tags: resharper,tdd,refactoring]

Posted in ReSharper | 6 Comments

Presentation to DC MICSUG on MIIS AD/RACF Synchronization

Last night I had the opportunity to present a recent case study on an MIIS implementation to the Capital Area Microsoft Connected Systems User Group (MICSUG). My presentation followed an introduction to MIIS by Microsoft Principal Technology Evangelist Joe Francis. Thanks go to Geoff Snowman for coordinating the event and logistics. 

My case study presentation covered how MIIS was leveraged to provide identity synchronization and access management between Active Directory to an IBM RACF security database. In addition, I covered several lessons learned that we took away from the implementation experience which are applicable to nearly all types of MIIS projects.

>> MIIS Identity Management Case Study presented to MICSUG

[tags: miis,identity management,ibm
racf,access management,enterprise identity]

Posted in Identity Management, Regional News (VA) | Leave a comment

MIIS Operational Information: High Availability, Disaster Recovery resources

A question was posted to the Yahoo! (Microsoft Meta Directory Users Group) MMSUG (link) requesting information about Microsoft Identity Integration Server (MIIS) disaster recovery and database management.

Here are a list of resources that have been helpful for us in planning and managing our MIIS implementation as well as developing our disaster recovery plans.

If I have missed any resources, please let me know. Thanks!

[tags: miis, disaster recovery, high availability]

Posted in Identity Management | Leave a comment

Password reset challenge questions: More trouble than they are worth?

Keith Brown states that password “security questions are considered dangerous” in the context of web applications, in particular as it relates to the new Membership Provider functionality in ASP.NET 2.0, because “there’s nothing stopping the user from asking a question that is easily answered by a 6 year old.”

This is an excellent point and raises some important questions, especially as companies seek ways to reduce help desk and administrative IT support costs. Is it enough to leave the security of your web applications or network resources in the hands of your users with a simple question/answer password reset challenge model?

Self-service password reset solutions sound very appealing for a number of reasons, especially so in the enterprise space. One reason, certainly, is the focus on reducing IT support costs and loss of employee productivity. Gartner says that companies can save anywhere from $51 to $147 per call by providing a self-service password reset solution[1]. If that sounds like a lot of money each time a user picks up the phone to call the help desk, you’re right, because it ties up both the help desk operator and the employee. Multiply this by the number of systems where the user has identity information (on average 16!), and this cost can be significant. Consider also that in most larger companies it is estimated that up to a third of help desk call volume is dedicated to password reset tasks.

Some might recommend that we do away with password resets altogether as they risk the pose is too great to be worth the cost savings that are promised. Alun Jones suggests that we might be better off doing away with self-service resets and instead take a walk down to the security office and show physical ID before a password is reset, or use any other method than self-service, such as requesting a reset and having your new password mailed to your manager.

Is there an acceptable middle ground to be found? Given the significant costs savings that might be had by implementing a self-service password reset solution, what would it take to do it right?

Perhaps it may take multi-factor evidence to assure non-repudiation of your identity. Maybe in addition to your password challenge question you would also have to swipe your smart card or answer several questions of varying difficulty depending on your organizational role, for example.

The take away to this discussion is that self-service password resets are more complicated than they look, and that you should be careful in choosing to implement this functionality without fully considering the potential risks involved. Microsoft has done a great job of providing us with a solid provider model to implement with ASP.NET 2.0, but let’s remember to take a pause and carefully evaluate the risks and benefits involved.

[1] Gartner Group, 2002, “Password Reset: Self-Service that you will love”

[tags: identity management, idm, password reset, self-service, membership provider, miis]

Posted in Identity Management | 7 Comments